feat(pack): switch --archive output from tar.gz to zip

Replace tarfile/gzip with zipfile (ZIP_DEFLATED) in both pack_bundle
(apm format) and export_plugin_bundle (plugin format). The unpacker
gains .zip support as the primary path; .tar.gz extraction is kept for
backward compatibility with existing bundles.

Aligns apm pack --archive with apm publish, which switched to .zip in
#1695, making the whole toolchain consistent on a single archive format.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: nadav-y

src/apm_cli/bundle/packer.py

@@ -1,7 +1,7 @@
 """Bundle packer  -- creates self-contained APM bundles from the resolved dependency tree."""
 
 import shutil
-import tarfile
+import zipfile
 from dataclasses import dataclass, field
 from pathlib import Path
 
@@ -41,7 +41,7 @@ def pack_bundle(
         target: Target filter  -- ``"copilot"``, ``"claude"``, ``"all"``, a list of
             target strings (e.g. ``["claude", "vscode"]``), or *None*
             (auto-detect from apm.yml / project structure).
-        archive: If *True*, produce a ``.tar.gz`` and remove the directory.
+        archive: If *True*, produce a ``.zip`` and remove the directory.
         dry_run: If *True*, resolve the file list but write nothing to disk.
         force: On collision (plugin format), last writer wins.
 
@@ -270,9 +270,12 @@ def pack_bundle(
 
     # 10. Archive if requested
     if archive:
-        archive_path = output_dir / f"{pkg_name}-{pkg_version}.tar.gz"
-        with tarfile.open(archive_path, "w:gz") as tar:
-            tar.add(bundle_dir, arcname=bundle_dir.name)
+        archive_path = output_dir / f"{pkg_name}-{pkg_version}.zip"
+        with zipfile.ZipFile(archive_path, "w", compression=zipfile.ZIP_DEFLATED) as zf:
+            for fp in sorted(bundle_dir.rglob("*")):
+                if fp.is_symlink() or not fp.is_file():
+                    continue
+                zf.write(fp, arcname=f"{bundle_dir.name}/{fp.relative_to(bundle_dir).as_posix()}")
         shutil.rmtree(bundle_dir)
         result.bundle_path = archive_path
 

src/apm_cli/bundle/plugin_exporter.py

@@ -11,7 +11,7 @@
 import json
 import re
 import shutil
-import tarfile
+import zipfile
 from pathlib import Path, PurePosixPath
 
 import yaml
@@ -420,7 +420,7 @@ def export_plugin_bundle(
         project_root: Root of the project containing ``apm.yml``.
         output_dir: Parent directory for the generated bundle.
         target: Unused for plugin format (reserved for future use).
-        archive: If True, produce a ``.tar.gz`` and remove the directory.
+        archive: If True, produce a ``.zip`` and remove the directory.
         dry_run: If True, resolve the file list without writing to disk.
         force: On collision, last writer wins instead of first.
 
@@ -645,16 +645,13 @@ def export_plugin_bundle(
 
     # 15. Archive if requested
     if archive:
-        archive_path = output_dir / f"{bundle_dir.name}.tar.gz"
+        archive_path = output_dir / f"{bundle_dir.name}.zip"
         ensure_path_within(archive_path, output_dir)
-        with tarfile.open(archive_path, "w:gz") as tar:
-
-            def _tar_filter(info: tarfile.TarInfo) -> tarfile.TarInfo | None:
-                if info.issym() or info.islnk():
-                    return None  # reject symlinks injected after write
-                return info
-
-            tar.add(bundle_dir, arcname=bundle_dir.name, filter=_tar_filter)
+        with zipfile.ZipFile(archive_path, "w", compression=zipfile.ZIP_DEFLATED) as zf:
+            for fp in sorted(bundle_dir.rglob("*")):
+                if fp.is_symlink() or not fp.is_file():
+                    continue  # reject symlinks injected after write
+                zf.write(fp, arcname=f"{bundle_dir.name}/{fp.relative_to(bundle_dir).as_posix()}")
         shutil.rmtree(bundle_dir)
         result.bundle_path = archive_path
 

src/apm_cli/bundle/unpacker.py

@@ -4,6 +4,7 @@
 import sys
 import tarfile
 import tempfile
+import zipfile
 from dataclasses import dataclass, field
 from pathlib import Path, PureWindowsPath
 
@@ -39,7 +40,7 @@ def unpack_bundle(
     file has the same name as a bundle file, the bundle file wins (overwrite).
 
     Args:
-        bundle_path: Path to a ``.tar.gz`` archive or an unpacked bundle directory.
+        bundle_path: Path to a ``.zip`` (or legacy ``.tar.gz``) archive, or an unpacked bundle directory.
         output_dir: Target project directory to copy files into.
         skip_verify: If *True*, skip completeness verification against the lockfile.
         dry_run: If *True*, resolve the file list but write nothing to disk.
@@ -55,7 +56,44 @@ def unpack_bundle(
     """
     # 1. If archive, extract to temp dir
     cleanup_temp = False
-    if bundle_path.is_file() and bundle_path.name.endswith(".tar.gz"):
+    if bundle_path.is_file() and bundle_path.name.endswith(".zip"):
+        from ..config import get_apm_temp_dir
+
+        temp_dir = Path(tempfile.mkdtemp(prefix="apm-unpack-", dir=get_apm_temp_dir()))
+        cleanup_temp = True
+        try:
+            with zipfile.ZipFile(bundle_path, "r") as zf:
+                # Security: prevent path traversal and symlink entries
+                for member in zf.infolist():
+                    name = member.filename
+                    if (
+                        name.startswith("/")
+                        or PureWindowsPath(name).drive
+                        or PureWindowsPath(name).is_absolute()
+                    ):
+                        raise ValueError(f"Refusing to extract path-traversal entry: {name}")
+                    try:
+                        validate_path_segments(name, context="zip member")
+                    except PathTraversalError:
+                        raise ValueError(
+                            f"Refusing to extract path-traversal entry: {name}"
+                        ) from None
+                    # Detect Unix symlinks stored in zip external_attr
+                    if (member.external_attr >> 16) & 0o170000 == 0o120000:
+                        raise ValueError(f"Refusing to extract symlink: {name}")
+                zf.extractall(temp_dir)  # noqa: S202
+        except Exception:
+            shutil.rmtree(temp_dir, ignore_errors=True)
+            raise
+
+        # Locate inner directory (the archive wraps a single top-level dir)
+        children = list(temp_dir.iterdir())
+        if len(children) == 1 and children[0].is_dir():  # noqa: SIM108
+            source_dir = children[0]
+        else:
+            source_dir = temp_dir
+    elif bundle_path.is_file() and bundle_path.name.endswith(".tar.gz"):
+        # Legacy .tar.gz support (backward compat)
         from ..config import get_apm_temp_dir
 
         temp_dir = Path(tempfile.mkdtemp(prefix="apm-unpack-", dir=get_apm_temp_dir()))

src/apm_cli/commands/pack.py

@@ -26,7 +26,7 @@
 
 Reads apm.yml to decide what to produce:
 
-  dependencies: block  ->  bundle (directory or .tar.gz)
+  dependencies: block  ->  bundle (directory or .zip)
   marketplace: block   ->  selected marketplace artifacts
   target: / targets:   ->  ecosystem-specific plugin.json (claude/copilot)
   both blocks present  ->  bundle plus selected marketplace artifacts
@@ -168,7 +168,7 @@ def _parse_marketplace_filter(
     "--archive",
     is_flag=True,
     default=False,
-    help="Produce a .tar.gz archive instead of a directory.",
+    help="Produce a .zip archive instead of a directory.",
 )
 @click.option(
     "-o",

tests/integration/test_pack_unpack_e2e.py

@@ -78,7 +78,7 @@ def test_full_round_trip(self, apm_command, temp_project, tmp_path):
         assert result.returncode == 0, f"pack failed: {result.stderr}"
 
         build_dir = temp_project / "build"
-        archives = list(build_dir.glob("*.tar.gz"))
+        archives = list(build_dir.glob("*.zip"))
         assert len(archives) == 1, f"Expected 1 archive, found {archives}"
 
         # 3. Install the bundle in a clean directory. Seed the copilot

tests/integration/test_wave3_marketplace_coverage.py

@@ -297,7 +297,7 @@ def test_pack_with_output_directory(self, runner: CliRunner, tmp_path: Path) ->
             assert result.exit_code == 0, result.output
 
     def test_pack_with_archive_flag(self, runner: CliRunner, tmp_path: Path) -> None:
-        """Test pack with --archive to create .tar.gz."""
+        """Test pack with --archive to create .zip."""
         with runner.isolated_filesystem(temp_dir=str(tmp_path)):
             _write_minimal_project(Path.cwd())
             (Path.cwd() / "apm.yml").write_text(

tests/integration/test_wave6_init_pack_coverage.py

@@ -494,7 +494,7 @@ def test_pack_format_apm(self, runner, tmp_path, monkeypatch):
         assert result.exit_code == 0, result.output
 
     def test_pack_archive(self, runner, tmp_path, monkeypatch):
-        """--archive flag produces a .tar.gz artifact."""
+        """--archive flag produces a .zip artifact."""
         monkeypatch.chdir(tmp_path)
         clear_apm_yml_cache()
         _make_skill_project(tmp_path)

tests/unit/commands/test_pack_cli_surface.py

@@ -216,7 +216,7 @@ def test_live_plugin_format_progress_message(self) -> None:
     def test_live_apm_format_no_plugin_message(self) -> None:
         """'apm' format does NOT emit the plugin-ready progress message."""
         logger = _RecordingLogger()
-        result = _pack_result(files=["bundle.tar.gz"])
+        result = _pack_result(files=["bundle.zip"])
         _render_bundle_result(logger, result, "apm", None, False)
         assert not any("Plugin bundle ready" in p for p in logger.progresses)
 
@@ -539,7 +539,7 @@ def test_json_output_envelope_shape(self, tmp_path: Path, monkeypatch) -> None:
 class TestUnpackCmd:
     def test_unpack_deprecation_warning(self, tmp_path: Path) -> None:
         """unpack always emits a deprecation warning."""
-        bundle = tmp_path / "bundle.tar.gz"
+        bundle = tmp_path / "bundle.zip"
         bundle.write_bytes(b"fake")
         result = CliRunner().invoke(
             unpack_cmd,
@@ -551,7 +551,7 @@ def test_unpack_nonexistent_bundle(self, tmp_path: Path) -> None:
         """Passing a non-existent path exits non-zero."""
         result = CliRunner().invoke(
             unpack_cmd,
-            [str(tmp_path / "no-such-bundle.tar.gz"), "--dry-run"],
+            [str(tmp_path / "no-such-bundle.zip"), "--dry-run"],
         )
         assert result.exit_code != 0
 

tests/unit/commands/test_pack_phase3.py

@@ -216,7 +216,7 @@ def test_live_plugin_format_progress_message(self) -> None:
     def test_live_apm_format_no_plugin_message(self) -> None:
         """'apm' format does NOT emit the plugin-ready progress message."""
         logger = _RecordingLogger()
-        result = _pack_result(files=["bundle.tar.gz"])
+        result = _pack_result(files=["bundle.zip"])
         _render_bundle_result(logger, result, "apm", None, False)
         assert not any("Plugin bundle ready" in p for p in logger.progresses)
 
@@ -539,7 +539,7 @@ def test_json_output_envelope_shape(self, tmp_path: Path, monkeypatch) -> None:
 class TestUnpackCmd:
     def test_unpack_deprecation_warning(self, tmp_path: Path) -> None:
         """unpack always emits a deprecation warning."""
-        bundle = tmp_path / "bundle.tar.gz"
+        bundle = tmp_path / "bundle.zip"
         bundle.write_bytes(b"fake")
         result = CliRunner().invoke(
             unpack_cmd,
@@ -551,7 +551,7 @@ def test_unpack_nonexistent_bundle(self, tmp_path: Path) -> None:
         """Passing a non-existent path exits non-zero."""
         result = CliRunner().invoke(
             unpack_cmd,
-            [str(tmp_path / "no-such-bundle.tar.gz"), "--dry-run"],
+            [str(tmp_path / "no-such-bundle.zip"), "--dry-run"],
         )
         assert result.exit_code != 0
 

tests/unit/test_packer.py

@@ -1,7 +1,7 @@
 """Unit tests for apm_cli.bundle.packer."""
 
 import os
-import tarfile
+import zipfile
 from pathlib import Path
 from unittest.mock import patch
 
@@ -210,13 +210,13 @@ def test_pack_archive(self, tmp_path):
 
         result = pack_bundle(project, out, archive=True)
 
-        assert result.bundle_path.name == "test-pkg-1.0.0.tar.gz"
+        assert result.bundle_path.name == "test-pkg-1.0.0.zip"
         assert result.bundle_path.exists()
         # The directory should be cleaned up
         assert not (out / "test-pkg-1.0.0").exists()
         # Archive is valid
-        with tarfile.open(result.bundle_path, "r:gz") as tar:
-            names = tar.getnames()
+        with zipfile.ZipFile(result.bundle_path, "r") as zf:
+            names = zf.namelist()
             assert any("a.md" in n for n in names)
 
     def test_pack_custom_output_dir(self, tmp_path):